CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 05, 2026

Five Eyes: Chinese Spies Target Government, Military Staff With Fake Job Opportunities

Security Week Archived Jun 05, 2026 ✓ Full text saved

Posing as recruiters on online platforms, Chinese intelligence officers target personnel with access to classified or privileged information. The post Five Eyes: Chinese Spies Target Government, Military Staff With Fake Job Opportunities appeared first on SecurityWeek .

Full text archived locally
✦ AI Summary · Claude Sonnet


    Chinese military intelligence officers are posing as recruiters in online campaigns targeting government and military personnel with access to sensitive information, the Five Eyes countries warn. Using fake job announcements on professional networking sites and recruitment platforms, the Chinese spies impersonate think tanks, private consultancies, and HR firms, placing advertisements for positions such as foreign policy and defense analysts. The fake recruitment process is meant to pressure candidates into revealing classified or privileged information. “China’s military intelligence services ultimately seek to acquire privileged military, political and economic intelligence that can provide China with a strategic and tactical advantage over the Five Eyes,” the alert (PDF) reads. The alert was authored by the United States’ FBI, the United Kingdom’s MI5, the Australian Security Intelligence Organisation, Canada’s Security Intelligence Service, and New Zealand’s Security Intelligence Service. Using these tactics, China’s intelligence officers seek to establish long-term relationships with security clearance holders, military personnel, and individuals with indirect access to government information. The campaigns are conducted on platforms such as LinkedIn, Indeed, and Upwork, and applicants’ resumes are ranked based on potential access to sensitive information. Selected applicants are then contacted and invited to virtual interviews during which the recruiters conceal their identities and probe candidates about their access to government personnel. Next, the “candidates are asked to write a trial report on a topic such as China’s bilateral relations, the Indo-Pacific region, and related defense issues, or international trade,” the alert reads. The fake recruiters then inform the candidates that additional reports need to include more privileged information, and the communication is typically moved to supposedly more secure platforms, such as encrypted messaging services. “Recruits receive anywhere from a few hundred to several thousand dollars per report, and may be offered more money in return for increasingly sensitive information. Payment methods include third-party payment platforms, such as PayPal, Payoneer, Zelle, Skrill, and Wise, as well as Western Union, e-transfer, and cryptocurrency,” the Five Eyes say. Payments are typically received from the account of an individual who was not involved in the recruitment process. According to the alert, even unclassified information provided by candidates is likely collected and combined with more sensitive data. “Certain types of data can place the lives of frontline military or other personnel at risk, can weaken our economic prosperity, and enable interference in our democratic processes,” the alert reads. Additionally, applicants risk the compromise of their personal information contained within resumes, and could face various consequences for disclosing classified information, such as prosecution for espionage, job loss, and security-clearance revocation. Noting that the tactic is not new, Exabeam’s Steve Povolny pointed to the scale and precision that professional networking platforms are bringing to the approach. Used as intelligence collection environments, these platforms allow spies to recruit individuals without leaving their desks. “The larger lesson is that the insider threat is no longer confined to employees intentionally stealing secrets. Adversaries are targeting the vast ecosystem surrounding sensitive information, including contractors, former government personnel, academics, researchers, journalists, and industry experts who may possess only fragments of valuable knowledge,” Povolny commented. “In an era of data aggregation, even information that appears unclassified in isolation can become strategically significant when combined with other sources. The most successful espionage operations today don’t begin with a breach of technology. They begin with a conversation, a networking request, or a job offer that seems entirely legitimate,” he added. Related: FBI: Hackers Sending Operatives in Person to Insert USB Drives and Steal Data Related: FBI Warns of Surge in Hacker-Enabled Cargo Theft Related: FBI: Cybercrime Losses Neared $21 Billion in 2025 Related: FBI Warns of Data Security Risks From China-Made Mobile Apps WRITTEN BY Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. More from Ionut Arghire Mirasvit Vulnerability Exploited to Execute Code on Magento Servers Chinese Cybercrime Group in Spotlight for Record Campaign Pace Over 1.4 Million Accounts Disrupted in Cybercrime Crackdown Cisco Warns of Available PoC for Critical Unified CM Vulnerability Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs IMA Diligence Services Data Breach Impacts 525,000 People Organizations Warned of Exploited Linux Kernel Vulnerability ‘HTTP/2 Bomb’ Exploit Knocks Web Servers Offline in Seconds Latest News Hackers Leak DentaQuest Information Impacting 2.6 Million Chrome 149 Patches 429 Vulnerabilities Industry Reactions to New Trump AI Cybersecurity Executive Order: Feedback Friday Nightclub Giant RCI Says Data Breach Affects 40,000 Individuals Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026 Offroad Emerges From Stealth With $7 Million to Tackle Enterprise Identity Risk Webinar Today: Third-Party Risk in Practice – Where Programs Break Down and How to Respond Willow Raises $7 Million for Securing Autonomous AI Agents Trending Webinar: Third-Party Risk In Practice June 4, 2026 Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice. Register Virtual Roundtable: CISO Forum 2026 Mid-Year Review June 10, 2026 Explore how attackers are using AI to scale threats and how security teams can respond with AI-driven defenses. Protecting against unmonitored use of generative AI (Shadow AI) in business units and building and enforcing AI governance frameworks. Register People on the Move Cyera has appointed Naveen Palavalli as Chief Marketing Officer. Connie Devine has been promoted to Chief Information Security Officer at Phillips 66. Jeff Lunglhofer becomes Chief Security Officer at Coinbase, replacing Philip Martin. More People On The Move Expert Insights The Zero-Knowledge Threat Actor And The End Of Responsible Disclosure AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code. (Etay Maor) Raising The Cybersecurity Stakes: Ante Up For The Agentic Era CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale. (Nadir Izrael) Caught Off Guard: Securing AI After It Hits Production As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode. (Joshua Goldfarb) Cyber Resilience Is The New Business Continuity Plan The organizations best prepared to face disruption are those that align security, continuity and risk management around what the business cannot afford to lose. (Steve Durbin) Enhancing Data Center Security Without Sacrificing Performance For AI data centers, where the stakes are the highest and performance constraints are the tightest, security and performance are no longer a zero-sum game. (Nadir Izrael) Flipboard Reddit Whatsapp Email
    💬 Team Notes
    Article Info
    Source
    Security Week
    Category
    ◇ Industry News & Leadership
    Published
    Jun 05, 2026
    Archived
    Jun 05, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗